Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sx_IsbjXOZwInWL94IyZ_i5cTmE.roa
File: Sx_IsbjXOZwInWL94IyZ_i5cTmE.roa (raw, json)
Hash identifier: HHnwnkKX7sX3RR3WUpSsJWLEqSBU1AXH75xSYY1YLDk=
Subject key identifier: 4B:1F:C8:B1:B8:D7:39:9C:08:9D:62:FD:E0:8C:99:FE:2E:5C:4E:61
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194252216C53FA6C67E9DC6EDD76F91C829
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sx_IsbjXOZwInWL94IyZ_i5cTmE.roa
Signing time: Thu 02 Jan 2025 03:49:38 +0000
ROA not before: Thu 02 Jan 2025 03:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204374
IP address blocks: 2a0e:b107:ba0::/44 maxlen: 48
2a0e:b107:ba0::/48 maxlen: 48
2a0e:b107:ba1::/48 maxlen: 48
2a0e:b107:ba2::/48 maxlen: 48
2a0e:b107:ba3::/48 maxlen: 48
2a0e:b107:ba4::/48 maxlen: 48
2a0e:b107:ba5::/48 maxlen: 48
2a0e:b107:ba6::/48 maxlen: 48
2a0e:b107:ba7::/48 maxlen: 48
2a0e:b107:ba8::/48 maxlen: 48
2a0e:b107:ba9::/48 maxlen: 48
2a0e:b107:baa::/48 maxlen: 48
2a0e:b107:bab::/48 maxlen: 48
2a0e:b107:bac::/48 maxlen: 48
2a0e:b107:bad::/48 maxlen: 48
2a0e:b107:bae::/48 maxlen: 48
2a0e:b107:baf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:16:c5:3f:a6:c6:7e:9d:c6:ed:d7:6f:91:c8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b1fc8b1b8d7399c089d62fde08c99fe2e5c4e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8d:c7:67:57:dd:3d:e8:34:13:8e:d5:0d:a5:
0e:c6:bf:6d:e6:6a:65:c8:23:7c:70:6c:86:31:f8:
38:32:05:d4:42:97:3f:79:a1:d8:07:fe:3f:82:6f:
4f:2d:56:40:a1:45:56:7a:50:9d:c3:42:d2:fd:c9:
32:28:2a:8f:46:a5:7e:95:42:4d:d8:a3:a9:db:a7:
8b:16:af:32:e1:b0:f0:89:bf:cc:40:07:fe:f0:60:
a1:5e:88:0c:50:77:c3:eb:4c:b0:80:74:70:77:ec:
6e:d5:a4:19:62:4a:c4:4d:02:51:40:7a:38:b2:c3:
8a:5f:e9:80:2c:a7:c7:b8:3f:c0:01:fa:61:a9:e9:
ad:6a:d8:83:c8:af:12:74:46:84:c4:21:f2:6b:4f:
a3:40:80:6a:96:1f:c7:2b:3c:07:e2:75:85:3e:78:
9d:69:5c:45:e2:f9:b5:8c:eb:cc:54:1d:d4:e6:dd:
8a:e2:97:5c:06:6f:bc:a3:97:f2:53:78:76:c1:a6:
d0:c0:8b:b0:65:f7:17:58:fc:cc:b7:43:0a:96:88:
6f:c0:b7:e3:27:87:32:c5:74:e1:aa:f1:a3:57:af:
7c:f4:c1:d5:cb:31:a4:e6:4f:78:11:ad:ef:36:d9:
37:51:0c:2e:b0:e4:af:27:ca:58:de:1e:76:8f:e4:
7e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1F:C8:B1:B8:D7:39:9C:08:9D:62:FD:E0:8C:99:FE:2E:5C:4E:61
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sx_IsbjXOZwInWL94IyZ_i5cTmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ba0::/44
Signature Algorithm: sha256WithRSAEncryption
4e:a9:0b:ac:b6:59:e0:0c:ef:c2:a3:3a:b0:34:ca:c4:4f:81:
80:a4:b1:dd:db:4d:01:35:85:f3:5c:d2:c2:47:49:a1:aa:a9:
6a:cc:29:67:b5:67:10:83:3d:71:e7:7d:61:50:cd:9d:17:97:
13:3e:53:f0:52:12:9c:2a:bd:1b:0b:af:5f:a9:bd:5f:ca:70:
d8:c6:bb:09:19:86:6c:f8:b0:6b:78:62:fe:ab:97:25:a3:c9:
06:79:f2:0a:5e:27:72:06:fd:f9:38:08:c8:79:7e:53:a1:3d:
20:3e:1f:8d:8e:1c:24:25:8b:ea:83:15:78:d7:fc:58:4d:a0:
1a:cd:ba:dd:24:c1:9b:1b:a8:f8:fe:a8:04:bc:fc:36:23:eb:
93:4c:a0:d0:6d:fd:22:a5:db:b6:fa:28:51:c3:6e:cd:37:94:
a4:dc:d4:0c:23:a0:ee:b9:eb:7d:a5:25:36:ae:bf:2c:1e:83:
91:5e:b3:72:a9:64:13:77:d3:13:b1:27:59:82:72:59:d1:a1:
90:71:6d:0e:35:e9:18:74:ec:e4:d5:d5:e9:bc:dd:35:bb:21:
e6:e0:d6:36:fb:cb:48:d6:bc:c5:d8:de:7d:eb:09:9a:37:93:
6b:5a:71:bd:40:c6:06:54:7d:98:53:bf:ff:0f:f1:3b:15:97:
17:f3:26:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIhbFP6bGfp3G7ddvkcgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjFmYzhiMWI4ZDczOTljMDg5ZDYyZmRlMDhjOTlmZTJlNWM0ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI3HZ1fdPeg0E47VDaUOxr9t5mpl
yCN8cGyGMfg4MgXUQpc/eaHYB/4/gm9PLVZAoUVWelCdw0LS/ckyKCqPRqV+lUJN
2KOp26eLFq8y4bDwib/MQAf+8GChXogMUHfD60ywgHRwd+xu1aQZYkrETQJRQHo4
ssOKX+mALKfHuD/AAfphqemtatiDyK8SdEaExCHya0+jQIBqlh/HKzwH4nWFPnid
aVxF4vm1jOvMVB3U5t2K4pdcBm+8o5fyU3h2wabQwIuwZfcXWPzMt0MKlohvwLfj
J4cyxXThqvGjV6989MHVyzGk5k94Ea3vNtk3UQwusOSvJ8pY3h52j+R+awIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEsfyLG41zmcCJ1i/eCMmf4uXE5hMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU3hfSXNialhPWndJbldMOTRJeVpfaTVjVG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwug
MA0GCSqGSIb3DQEBCwUAA4IBAQBOqQustlngDO/CozqwNMrET4GApLHd200BNYXz
XNLCR0mhqqlqzClntWcQgz1x531hUM2dF5cTPlPwUhKcKr0bC69fqb1fynDYxrsJ
GYZs+LBreGL+q5clo8kGefIKXidyBv35OAjIeX5ToT0gPh+NjhwkJYvqgxV41/xY
TaAazbrdJMGbG6j4/qgEvPw2I+uTTKDQbf0ipdu2+ihRw27NN5Sk3NQMI6Duuet9
pSU2rr8sHoORXrNyqWQTd9MTsSdZgnJZ0aGQcW0ONekYdOzk1dXpvN01uyHm4NY2
+8tI1rzF2N596wmaN5NrWnG9QMYGVH2YU7//D/E7FZcX8yYQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:43:44 2025 by rpki-client